Twitter, the microblogging site, is on the hunt for the GitHub user who leaked its source code and has filed a lawsuit against the breach. the Elon-Musk-owned social media platform is asking Github to produce the user in question and all other users who engaged with the source code while it was on the platform.
According to a legal filing, parts of Twitter’s source code, the computer code the social network is built upon, its web service’s various functions, and internal tools were leaked online. This incident occurred only a few days after the Twitter boss, Elon Musk, announced via the platform that “Twitter will open source all code used to recommend tweets on March 31st”.
The code, which was leaked and posted on GitHub, the most popular code repository and online collaboration platform for software developers, was deleted on Friday by the platform after Twitter sent an infringement notice to GitHub.
Although it is unclear what part was leaked or how long the leaked codes had been online, it appeared it had been for months. However, MyBroadband reports that the user, FreeSpeechEnthusiast, appeared to have joined GitHub specifically to make that post, as the account only joined this year and has no other posts.
The username appears to be a dig at Twitter’s founder Elon Musk, who has consistently asserted his commitment to “free speech.”
But Twitter seems to ignore the free speech policy, as it now requests that GitHub provide IP addresses, names, addresses, phone numbers, and emails for those individuals. who posted, downloaded, or uploaded the data, as well as the true identity of the user behind the account.
According to New York Times, the company has also launched an internal investigation as it suspects a former employee is behind the breach. Exposure to the microblogging site’s internal working may make the service more vulnerable to hacking attempts.
Additionally, it is an unusual and major intellectual property exposure when the company is working to fix technical issues, particularly given that Twitter’s email address for press inquiries continues to auto-reply with a poop emoji.
Source code leaks are not a new thing
While some companies engage in open-source code policy for its many benefits, others release just a part of their source code, which benefits their customers and the community. However, just like Twitter, some companies have felt the heat of having their source code leaked to the public.
In 2018, a small part of Snapchat’s source code was exposed on GitHub through an iOS Snapchat update and was later removed at the company’s request. In 2020, an AWS DevOps Cloud Engineer uploaded nearly a gigabyte of data to a private GitHub folder which got exposed. AWS and RSA key pair inventories were included in this source code leak.
In 2021, Nissan’s source code was leaked due to the misconfiguration of a company Git server, which was left with a default username and password of admin/admin. Some leaked information included Nissan’s mobile apps, internal core mobile library, various sales and marketing tools, and vehicle logistics portal.
In March of 2022, Microsoft fell victim to the Lapsus$ hacking group attack. The group released a 9-gigabyte zip archive that contained source code for Microsoft’s Bing search, Bing Maps, and Cortana voice assistant.
The implications of source code leaks
If you’re still unclear about source code, It is the cornerstone of any company’s intellectual property and provides a wealth of information about the internal dependencies, components, and reasoning.
In today’s world of tough competition, a compromised source code can lead to disastrous results. Here are some of the implications of source code leaks
- It may endanger a company’s intellectual property and disclose upcoming or unannounced features of the production schedule. a decisive victory for the rivals.
- It may reveal private details about customers or even provide access to other internal systems for attackers.
- It can harm a brand’s image, especially if it erodes customers’ trust, which significantly affects the business’s bottom line negatively.
Get the best of Africa’s daily tech to your inbox – first thing every morning.
Join the community now!